Add quotes to password argument for dump/import

The password is passed on a command line for dump and import and needs
quoting.

Ideally, this would not be passed on a command line at all - any ideas?
Or at least have a stronger form of quoting so that embedded single
quotes will be escaped.
This commit is contained in:
Jim Kleckner 2014-01-02 12:04:03 -08:00
parent f532b449d7
commit dacef1915a

View file

@ -118,7 +118,7 @@ def db_delete(cursor, db):
def db_dump(module, host, user, password, db_name, target, port, socket=None):
cmd = module.get_bin_path('mysqldump', True)
cmd += " --quick --user=%s --password=%s" %(user, password)
cmd += " --quick --user=%s --password='%s'" %(user, password)
if socket is not None:
cmd += " --socket=%s" % socket
else:
@ -135,7 +135,7 @@ def db_dump(module, host, user, password, db_name, target, port, socket=None):
def db_import(module, host, user, password, db_name, target, port, socket=None):
cmd = module.get_bin_path('mysql', True)
cmd += " --user=%s --password=%s" %(user, password)
cmd += " --user=%s --password='%s'" %(user, password)
if socket is not None:
cmd += " --socket=%s" % socket
else: